An efficient encryption method to secure data with reduced number of encryption operations

ABSTRACT

The invention is particularly related with an encryption method that aims to secure an input data with reduced number of encryption operations. The invention claim the security by using the hardness of the unique decodability of the variable-length non-prefix-free (NPF) codes. The proposed encryption system is operated according to these steps, compression of the input data and coding with the introduced NPF encoding that splits the independent and identically distributed (IID) data to the two stream as code-word boundaries information data, which has all information of boundaries of NPF code words stream, and NPF code words stream which has all payload of encoded IID data except code-word boundaries information and then encrypting the code-word boundaries information without NPF code words stream.

TECHNICAL FIELD

The invention is related with encryption method, which reduces theamount of required encryption operations.

The invention is particularly related with an encryption method, whichclaim the security by using the hardness of the unique decodability ofthe variable-length non-prefix-free (NPF) codes.

PRIOR ART

In terms of computational load, the encryption operations are heavyduties occupying significant CPU time, and thus, they are serious powerconsumers. Reducing this load is especially important inbattery-constrained computational environments with limited processingcapacities such as the sensor networks, unmanned aerial vehicles, mobilevideo transmission, and etc . . .

When data volume is huge such as the case in video transmission,encryption of the whole data introduces a heavy computational load, andalso a serious power consumption in parallel. Thus, methods to reducethis load have attained significant attention. There are somedevelopments present in the known state of the art that aim to reducethe amount of encryption operations while securing data. The mainapproach in those studies is selective (or partial) encryption of thedata. In selective encryption some selected parts that are assumed to beimportant information content of the data are encrypted, and the rest ofthe data is transmitted/stored in plain format.

The daily practice in securing data is to first compress the data andthen encrypt it with an encryption scheme that is assumed to be secure.In that sense perform the compression and encryption steps together hasalso been considered. However, notice that, in that approach the numberof encryption operations are not reduced, but the main point is toachieve the compression and encryption in a single step to gain fromelapsed time. We provide some of the exemplary patents regarding to bothcombined compression and encryption as well as the partial (selective)encryption.

For example in the US2016124983A1 patent document which can be given asan example to these developments, secure compression algorithms areprovided that may be employed as a single operation on raw data toproduce compressed and encrypted data. In embodiments, the algorithmsdescribed herein may be performed using any type of dictionary basedencryption. In one embodiment, upon adding a new prefix to a dictionarytable, the dictionary table may be permuted to randomize the entriesinto the table. The randomization may be based upon a permutation valuegenerated by a deterministic pseudo-random generator and/orpseudo-random function. Other embodiments of randomization may beemployed to provide secure compression.

In the American Patent document numbered US2007083467A1 within the knownstate of the art, the invention pertains to improved techniques topartially encrypt media files. The encryption serves tocryptographically secure only a portion of the media data within a mediafile, while the remaining portion of the media data is notcryptographically secured. Although only partial encryption is used, theportion being encrypted serves to substantially disrupt usefulness ofother parts of the media file which are not encrypted. In other words,the partial encryption renders the media file substantially unusable byunauthorized users.

In the American Patent document numbered US2007110225A1 within the knownstate of the art, methods and devices are provided for accelerating thethroughput and or reducing the power consumption of symmetriccryptography algorithms. Certain computations of a symmetric encryptionor decryption algorithm are performed during a first phase, the resultsare saved to memory, and the results are retrieved to encode data duringa second phase. If the first phase is implemented while the battery isbeing charged and the second phase is implemented while the system runson battery power, the battery life is significantly extended compared tothe battery life when all phases are implemented using solely batterypower.

In the American Patent document numbered US2004193871A1 within the knownstate of the art, particular portions of a message receive strongencryption while other parts of the message are less strongly encryptedor even unencrypted, resulting in a differentially encrypted data set.The data set is transmitted to a receiving end where it may be decryptedas desired. Receiving stations requiring the encrypted information andhaving authorized access may decrypt it, while other stations maydecrypt this information only partially or not at all. Requiredcomputational power is reduced both on the client side and in channelprocessing because only selected portions of the message are subject tostrong encryption and decryption processing, and latency and problemsassociated with latency are reduced.

In the American Patent document numbered US2007263876A1 within the knownstate of the art, methods and devices related to compression andencryption of data. Data to be encrypted and compressed is firstreceived and then stored in physical memory. Once stored in a datastructure in physical memory, the data is streamed to a process whichcompresses the data. The compressed data is then streamed, from thephysical memory, to an encryption process. The compressed and encrypteddata can then be transmitted. To decrypt and decompress, the compressedand encrypted data is first read into another data structure that storesthe data into physical memory. The data is then streamed from thephysical memory to, in turn, a decryption process and then adecompression process.

There are lots of patents based on selective (partial) encryptionespecially targeting the multimedia data transmission and storage also,such as US20050141713A1 Selective multimedia data encryption (SCMmicrosystems), US US20080065903A1 Selective encryption of data stored onremovable media in an automated data storage library (IBM), U.S. Pat.No. 7,039,938B2 Selective Encryption for video-on-demand, U.S. Pat. No.5,805,700 A Policy based selective encryption of compressed video data(Intel), and many more.

It had been previously shown that symetric security algorithms roughlydoubles the energy consumption of normal operation in thoseenvironments, and asymetric security algorithms increase the energyusage per bit in orders of magnitudes. Providing the data security insuch platforms is becoming more and more important considering theirwide-spread in the fast approaching era of the internet of things (IoT),where privacy will be a necessity rather than a preference.

As it can be understood from the similar mentioned documents abovedifferent methods are being used in order to develop an encryptionmethod to be applied on compressed data. The difference of the proposedstudy from selective (partial) encryption is that the proposed inventionprovides the security of the full data, where in selective encryptiononly the selected sections of the data are secured. The reduction in theamount of encryption improves on larger files with the proposedtechnique, where around 10 percent encryption of the data becomessufficient. In selective encryption the ratio is fixed regardless of thesize of the data. When compared to combined encryption/compressionschemes, those schemes do not aim to reduce the encryption operationsbut to reduce the time required for the total operations, and thus, notvery much related with the aim of this invention.

BRIEF DESCRIPTION OF THE INVENTION AND ITS AIMS

The aim of this invention is to provide a method for data encryptionwhich reduces the amount of required encryption operations.

The data encryption method provided in order to reach the aims of theinvention comprises the code-word boundaries which is absolutelynecessary for correct decoding.

In the proposed data encryption method, process is applied on randomlydistributed input data, which is obtained by applying a compressionalgorithm on the input data when the data itself is not assumed to beindependent and identically distributed. When the data itself reflects arandom distribution, then the compression step can be skipped and theproposed method can directly be applied on the input data. From now on,we will refer to the compressed input data or the input data that isalready i.i.d without compression as IID data and the proposed NPFcoding scheme will be applied on that IID data.

The proposed invention makes it possible to secure the IID data with upto 90% less encryption. The gain in the encryption amount with theproposed technique is based on a parameter d, that specifies theblock-size in bits, which is selected according to the size of thecompressed data. The block-size parameter d is selected such thatn≥d.2^(d), where n is the number of bits in the IID data. Thus, largerthe n value, it becomes feasible to select larger d values. With largerd values the code-word boundary information becomes smaller in volume,and since we are only encrypting it for the security, the gain inencryption improves.

DETAILED DESCRIPTION OF THE INVENTION

The data encryption method that is provided in order to reach the aimsof the invention has been illustrated in the attached figures. Accordingto the figures;

FIG. 1 is the general sketch view of data encryption method.

The parts in the figures have been numbered as follows;

-   -   1. Input Data    -   2. Compression    -   3. Compressed data    -   4. IID data    -   5. NPF encoding    -   6. Code-word boundaries information    -   7. Code-word stream    -   8. Encryption    -   9. Encrypted code-word boundary information    -   10. Secured data

The proposed technique processes the n bits long IID data (4) in d-bitslong blocks, and replaces every d-bits long block by its correspondingvariable-length non-prefix-free code-word generated according to theintroduced new coding scheme. The IID data (4) is obtained from inputdata (1) by compressing (2) it. When input data (1) can be assumed to beindependently and identically distributed, the IID data (4) is directlythe input data (1) itself omitting the compression (2) step.

A typical block length parameter d is selected such that n≥d.2^(d) . TheIID data (4) is encoded with the introduced method of variable-lengthnon-prefix-free coding scheme (NPF) (5). The NPF encoding (5) stepcreates two streams of data. The first stream of is the code-word stream(7), where each fixed d-bits long block of the IID data (4) is NPFencoded (5) with a code-word of varying bit-length. The second stream isthe code-word boundary information (6) that specifies the lengths ofeach code-word in the code-word stream (7).

The NPF code-words set is generated without the prefix-free restrictionso that a code-word may be a prefix of another. Thus, non-prefix-free(NPF) code words stream (7) is ambiguous and cannot be decoded withoutthe knowledge of the code-word boundaries information (6). The lack ofunique decodability without the code-word boundaries information (6) inNPF encoding (5) provides a unique opportunity in terms of security.Therefore, encrypting (8) the code-word boundary information (6) with anappropriate encryption algorithm is sufficient to provide the securityof the input data (1).

The code-words stream (7) is kept intact as it cannot be decoded withoutthe code-word boundary information (6), that is already encrypted (8).

Generally, the security of a system depends on the hardness of solving amathematical question such as the discrete logarithm or thefactorization problems. In this invention it is made use of the hardnessof decoding a sequence NPF encoded (5) with variable-lengthnon-prefix-free codes in case the knowledge of the code-word boundariesinformation (6) is missing. The hardness of cipher-text only attacks onnon-prefix-free codes and even on prefix codes had been previouslystudied in the literature (CITATIONs from the paper).

To examine in detail, A=a₁a₂ . . . a_(n) is an independently andidentically distributed (i.i.d) random bit sequence (4), and d>1 is aninteger indicating a bit block length. Without loss of generality, it isassumed n is divisible by d as it is always possible to pad the A withnecessary number of randomly generated bits if this is not the case.

The number of d-bits long blocks in A is r=n/d and A can be representedas

=b₁ b₂ . . . b_(r), where each d-bits long b_(i) in

, for 1≤I≤r, is drawn from the alphabet Σ={0, 1, 2, . . . 2^(d)→1}. Forinstance, when d=3, the alphabet becomesΣ={000,001,010,011,100,101,110,111}, and |Σ|=2 ^(d)=8. Since A has beenassumed to be an i.i.d random bit sequence,

can also be assumed i.i.d. over Σ for reasonable d values selectedaccording to the size of A.

Definition 1. The minimum binary representation (MBR) of an integer i≥2is its binary representation without the leftmost 1 bit.

As an example, the minimum binary representation of 21 is MBR (21)=0101by omitting the leftmost set bit in its binary representation as21=(0101)₂.

Definition 2. Let Σ″={∈₁, ∈₂, . . . , ∈_(z)} for z=2^(d) be a randompermutation of the alphabet Σ={0, 1, 2, . . . , 2^(d)−1}, and W={w₁, w₂,w_(z)} is a code-word set such that

$w_{i} = \left\{ \begin{matrix}{{{MBR}\left( {2 + \epsilon_{i}} \right)},} & {{{if}\mspace{14mu} \epsilon_{i}} < {2^{d} - 2}} \\\begin{matrix}\left\{ {{{{MBR}\left( {2^{d} + \delta} \right)}\text{:}\mspace{14mu} {\forall{{\delta\epsilon}\left\{ {0,1,\ldots \mspace{14mu},{2^{d} - 1}} \right\}}}},} \right. \\{{{{where}\mspace{14mu} \delta} = {\left\{ {0,3} \right\} \mspace{14mu} {mod}\mspace{14mu} 4}},}\end{matrix} & {{{if}\mspace{14mu} \epsilon_{i}} < {2^{d} - 2}} \\\begin{matrix}\left\{ {{{{MBR}\left( {2^{d} + \delta} \right)}\text{:}\mspace{14mu} {\forall{{\delta\epsilon}\left\{ {0,1,\ldots \mspace{14mu},{2^{d} - 1}} \right\}}}},} \right. \\{{{{where}\mspace{14mu} \delta} = {\left\{ {1,2} \right\} \mspace{14mu} {mod}\mspace{14mu} 4}},}\end{matrix} & {{{if}\mspace{14mu} \epsilon_{i}} < {2^{d} - 1}}\end{matrix} \right.$

Assuming an input sequence

=b₁ b₂ . . . b_(z), where 0≤b_(i)≤2^(d) for all 1≤i≤r, thenon-prefix-free encoding (4) of

is denoted by N P F (

)=w_(1+b) ₁ w_(1+b) ₂ . . . w_(1+b) _(r′) that is generated byconcatenating the code-words determined by each b_(i) in order. When acode-word has multiple options, which is the case for ∈_(i)≥2^(d)−2, arandom code-word among the possibilities is selected.

The NPF encoding (4) of a sample sequence according to the Definitions 1and 2 with the parameter d=3 is shown in Scheme 2. The code-words w₁ andw₅ are sets due to the corresponding values of ∈_(i)=6=2³−2 and∈₅=7=2³−1. Thus, when b_(i)=4 or b_(i)=0, a randomly selected code-wordrespectively from sets w₅ or w₁, is inserted into the NPF (

) stream. At a first glance, using multiple code-words as an exceptionfor the two ∈_(i)≥2^(d)−2 values might seem a bit strange. The reasonfor that is to avoid a possible statistical attack.

Proposition 1. In a code-word set W that is generated for a block lengthd>1 according to Definition 2, the bit-lengths of the code-words are in{1, 2, . . . , d}. The number of l-bits long code-words for each l ∈ {1,2, . . . , d−1} is 2^(l), and there exist 2 sets of code-words for l=deach of which includes 2^(d−1) code-words.

Σ = 0 1 2 3 4 5 6 7 Σ′ = 6 0 5 1 7 2 4 3 = ϵ₁ ϵ₂ ϵ₃ ϵ₄ ϵ₅ ϵ₆ ϵ₇ ϵ₈ W ={000, 011, 100, 111} 0 11  1 {001, 010, 101, 110} 00  10  01  = w₁ w₂ w₃w₄ w₅ w₆ w₇ w₈ A = 001  110  101  011  010  111  100  000 

 = 1 6 5 3 2 7 4 0 NPF ( 

 ) = w₂ w₇ w₆ w₄ w₃ w₈ w₅ w₁ = 0 10  00  1 11  01  001  000 

Scheme. 2. A simple sketch of the non-prefix-free encoding (4) of aninput data (1) bit sequence. A is the input data (1), where

is the representation of A by assuming the block length d=3. Σ′ is arandomly selected permutation of the corresponding alphabet Σ, and W isthe non-prefix-free code-word set generated for Σ′ according toDefinition 2.

Proof According to Definition 2, the entities in W are minimum binaryrepresentations of numbers {2, 3, . . . , 2^(d+)−1}. Since the MBRbit-lengths of those numbers range from 1 to d, there are d distinctcode-word lengths in W. Each code-word length l ∈ {1, 2, . . . , d−1}defines 2^(l) distinct code-words, and thus, total number of code-wordsdefined by all possible l values becomes

Σ_(i=1) ^(d−1)2^(l)=2^(d)−2

The remaining 2 code-words out of the |W|=2^(d) items require d-bitslong bit sequences. For example, when d=3, the |W| includes 2(=2¹)code-words of 1-bit long, 4(=2²) code-words of length 2, and 2(=2³−6)code-word sets of length 3-bits as shown in Scheme 2.

Lemma 1. Assuming

=b₁ b₂ . . . b_(r) denotes an input sequence, where d-bits long b_(i)values for 1≤i≤r and d>1 are independent and identically distributedover {0, 1, 2, . . . , 2^(d)−1}, the total bit length of thenon-prefix-free code-words encoding the

sequence is

${{{NPF}\mspace{14mu} (\mathcal{B})}} = {r \cdot \left\lbrack {d - 2 + \frac{\left( {d + 1} \right)}{2^{d - 1}}} \right\rbrack}$

Proof Since

is i.i.d., each value from set {0, 1, 2, . . . , 2^(d)−1} appearsr/(2^(d)) times in

. As stated in Proposition 1, the code-word lengths for NPF encoding (4)in W vary from 1 to d such that there are 2^(l) code-words for each l ∈{1, 2, . . . , d−1}, and l=d bits long code-words are included in 2separately maintained sets. The number of b_(i) values that arerepresented by each l ∈ {1, 2, . . . , d−1} bits in NPF(

) is (2^(l).(r/(2^(d))) and thus their contribution to |NPF(

)| is (l.2^(l).(r/(2^(d))) bits. Since there are 2 code-word set optionsfor length l=d, they produce (d.2.(r/(2^(d))) bits in NPF (

). Summing these up gives the total length of the NPF code-stream as:

$\begin{matrix}{{{{NPF}\mspace{14mu} (\mathcal{B})}} = {\frac{r}{2^{d}}\left( {1.2 + 2.2^{2} + \ldots + {\left( {d - 1} \right) \cdot 2^{d - 1}} + {d \cdot 2}} \right)}} \\{= {\frac{r}{2^{d}}\left( {{2 \cdot d} + {\sum\limits_{i = 1}^{d - 1}\; {i \cdot 2^{i}}}} \right)}} \\{= {\frac{r}{2^{d}}\left( {{2 \cdot d} + {2^{d} \cdot \left( {d - 2} \right)} + 2} \right)}} \\{= {r \cdot \left\lbrack {d - 2 + \frac{\left( {d + 1} \right)}{2^{d - 1}}} \right\rbrack}}\end{matrix}$

While computing the summation term in

${\frac{r}{2^{d}}\left( {{2 \cdot d} + {\sum\limits_{i = 1}^{d - 1}\; {i \cdot 2^{i}}}} \right)},$

it is used the formula from basic algebra that

Σ_(i=1) ^(p) i.2^(i)=2^(p+1)(p−1)+2

and substitute p=d−1.

The input sequence

is originally r.d bits long, and the NPF encoding (5) reduces that spaceto

${{r \cdot \left\lbrack {d - 2 + \frac{\left( {d + 1} \right)}{2^{d - 1}}} \right\rbrack}\mspace{14mu} {{as}\mspace{14mu}\left\lbrack \frac{\left( {d - 1} \right)}{2^{d - 1}} \right\rbrack}} < {2\mspace{14mu} {for}\mspace{14mu} {all}\mspace{14mu} d} > 1.$

However, since non-prefix-free codes are not uniquely decodable, NPF (

) cannot be converted back to the original

sequence in absence of the code-word boundaries information (6) on NPF (

). Thus, it is rigidly necessary that representing the code-wordboundaries information (6) positions on NPF (

) for proper decoding. Lemma 2 states an efficient method to achievethis task.

Lemma 2. Let

=b₁ b₂ . . . b_(r) denotes an input sequence such that the b values arei.i.d. over {0, 1, 2, . . . , 2^(d)−1}. The number of bits required torepresent the code-word boundaries information (6) in the NPF (

) is

$r \cdot \left\lbrack {2 - \frac{1}{2^{d - 2}}} \right\rbrack$

Proof There exists 2^(l) code-words for each code-word length l ∈ {1, 2,. . . , d−1}, and each code-word is substituted in place of r/2^(d)items in

=b₁ b₂ . . . b_(r) during the NPF encoding (5) of the

. For l=d−1, the number of code-words with that length is

${2^{d - 1} \cdot \frac{r}{2^{d}}} = \frac{r}{2}$

and similarly, when l=d−2, there appears

${2^{d - 2} \cdot \frac{r}{2^{d}}} = \frac{r}{4}$

code-words having length d−2. As a generalization, for l=d−2 where i={1,2, . . . , d−1}, there are

${2^{d - i} \cdot \frac{r}{2^{d}}} = \frac{r}{2^{i}}$

code-words with length l on NPF (

). It is maintained (d−1) bitmaps denoted by

₁,

₂ . . .

_(d−1) such that

₁ is dedicated to the specific code-word length l=d−i for i=1 to i=d−1.The bit sequence

₁ is of

$\frac{r}{2^{i - 1}}$

bits long, in which the positions that correspond to (d−i)-bits longcode-words are marked with 1, and rest to 0.

For instance, on the first level bitmap

₁ the positions of code-words with length l=d−1 are specified by 1, andrest with 0.

₁ contains r bits, and the number of zero and one bits are equal sincethere are

${2^{d - 1} \cdot \frac{r}{2^{d}}} = \frac{r}{2}$

items whose NPF code length is l=d−1. The second bitmap

₂ is r/2 bits long that are reserved for the items represented by 0 in

₁. In

₂, the positions whose length l=d−2 are set to 1, and rest to 0. Sameprocess is repeated on all bitmaps. The last bitmap

_(d−i) becomes

$\frac{r}{2^{d - 2}}$

bits long, on which the code-words of lengths l=1 and l=d are markedwith 1 and 0 bits, respectively. The total number of bits in these (d−1)bitmaps can be computed with

${r \cdot \left( {1 + \frac{1}{2} + \frac{1}{4} + \ldots + \frac{1}{2^{d - 2}}} \right)} = {{r \cdot {\sum\limits_{i = 0}^{d - 2}\frac{1}{2^{i}}}} = {r \cdot \left\lbrack {2 - \frac{1}{2^{d - 2}}} \right\rbrack}}$

NPF ( 

 ) = 0 10 00 1 11 01 001 000 Code - word lengths = 1 2 2 1 2 2 3 3

 ₁ = 0 1 1 0 1 1 0 0

 ₂ = 1 1 0 0 1 1 0 0

Scheme 3. Marking the code-word boundaries information (5) on the sampleNPF (

) via the proposed method. The 2-bits long code-words are marked on thefirst bitmap

₁ by 1 bits. The lengths for those that are represented by 0 on

₁ are specified on the second bitmap

₂, on which 1- and 3-bits long code-words represented, respectively, by1 and 0 bits.

Scheme 2 depicts the proposed method to mark the code-word boundariesinformation (6) on the sample NPF (

) introduced in Scheme 2 Since d=3 in that sample, there are d−1=2bitmaps. On the first bitmap

₁ that is r=8 bits long, the positions represented with 1 bits indicatethat the corresponding code-words that are d−1=2 bits long. The secondbitmap

₂ is r/2=4 bits long, on which the positions with bit 1 mark the (d−2)=1bit long code-words, and the positions with 0 bit indicate the d=3 bitslong code-words. In total

 1  +  2  = 8 · [ 2 + 1 2 3 - 2 ] =

12 bits are used.

Theorem 1. Let

=b₁ b₂ . . . b_(r) be an input sequence, where the b_(i) values, for1≤i≤r, are i.i.d. over Σ={0, 1, 2, . . . 2^(d)−1}, and represented byd-bits. The total bit length of the NPF encoding (4) of the sequence

with the code-word boundaries information (5) specification informationis:

$r \cdot \left\lbrack {d + \frac{\left( {d - 1} \right)}{2^{d - 1}}} \right\rbrack$

Proof Sum of the space consumption described in Lemmas 1 and 2 returnsthis.

${{r \cdot \left\lbrack {d - 2 + \frac{\left( {d + 1} \right)}{2^{d - 1}}} \right\rbrack} + {r \cdot \left\lbrack {2 - \frac{1}{2^{d - 2}}} \right\rbrack}} = {r \cdot \left\lbrack {d + \frac{\left( {d - 1} \right)}{2^{d - 1}}} \right\rbrack}$

The NPF encoding (5) of the input sequence

, which is originally r•d bits long, introduces an overhead thatrequires

${r \cdot \left\lbrack \frac{\left( {d - 1} \right)}{2^{d - 1}} \right\rbrack},$

more bits as seen on Theorem 1. The number of extra bits per eachoriginal bit in

can be computed with

$\left\lbrack \frac{r \cdot \frac{\left( {d - 1} \right)}{2^{d - 1}}}{r \cdot d} \right\rbrack = \left\lbrack \frac{\left( {d - 1} \right)}{d \cdot 2^{d - 1}} \right\rbrack$

TABLE 1 $\begin{matrix}{{The}\mspace{14mu} {{overhead}\mspace{14mu}\left\lbrack \frac{\left( {d - 1} \right)}{d \cdot 2^{d - 1}} \right\rbrack}\mspace{14mu} {bits}\mspace{14mu} {per}\mspace{14mu} {each}\mspace{14mu} {original}\mspace{14mu} {bit}\mspace{14mu} {introduced}\mspace{14mu} {by}\mspace{14mu} {the}} \\{{proposed}\mspace{14mu} {NPF}\mspace{14mu} {encoding}\mspace{14mu} (4)\mspace{14mu} {for}\mspace{14mu} {some}\mspace{14mu} {selected}\mspace{14mu} d\mspace{14mu} {{values}.\mspace{14mu} {Notice}}\mspace{14mu} {that}} \\{{the}\mspace{14mu} {overhead}\mspace{14mu} {becomes}\mspace{14mu} {negligible}\mspace{14mu} {with}\mspace{14mu} {increasing}\mspace{14mu} d\mspace{14mu} {{values}.}}\end{matrix}\quad$ d = 2 4 8 16 20 24 32$\frac{\left( {d - 1} \right)}{d \cdot 2^{d - 1}} \approx$ 0.25 0.1256.8 · 10⁻³ 2.8 · 10⁻⁵ 1.8 · 10⁻⁶ 1.1 · 10⁻⁷ 4.5 · 10⁻¹⁰

Table 1 summarizes the amount of extra bits introduced by the proposedNPF encoding (5) per each original bit IID data (4). Thanks to theexponentially increasing denominator (2^(d−1)) in the denominator of theequation

$\left\lbrack \frac{r \cdot \frac{\left( {d - 1} \right)}{2^{d - 1}}}{r \cdot d} \right\rbrack = \left\lbrack \frac{\left( {d - 1} \right)}{d \cdot 2^{d - 1}} \right\rbrack$

that the extra space consumption quickly becomes very small, and evennegligible with larger d values. When d=8, the proposed NPF encoding (5)method produces only 6.8 extra bits per a thousand bit. Similarly, theoverhead becomes less than 3 bits per 100K bits, and less than 2 bitsper a million bit for the values of d=16 and d=20, respectively. Thus,while selecting d, one needs to choose a high d value not to spend morespace, where as a minimum d=8 seems to be useful in practicalapplications.

What is claimed is:
 1. An encryption method, comprising compression ofthe input data before all encoding operations, wherein the methodfurther comprises the following steps: coding with non prefix freeencoding operation of compressed data; splitting the compressed data totwo streams as code-word boundaries information data which has allinformation of boundaries of non prefix free code words stream, and nonprefix free code words stream which has all payload of encodedcompressed data except code-word boundaries information; encryption ofcode-word boundaries information without non prefix free code wordsstream.
 2. An encryption method, comprising taking input data where adistribution of symbols in the input data is identically andindependently distributed, wherein the method further comprises thefollowing steps: coding with non prefix free encoding operation of inputdata; splitting the input data to the two stream as code-word boundariesinformation data which has all information of boundaries of non prefixfree code words stream, and non prefix free code words stream which hasall payload of encoded input data except code-word boundariesinformation; encryption of code-word boundaries information without nonprefix free code words stream.
 3. A decryption method for decrypting theinput data secured with the encryption method of claim 1, wherein thedecryption method comprises the following steps: decryption of theencrypted code-words boundary information; decoding the non prefix freecoding of the code-words stream according to the decrypted code-wordboundary information; and generating the input data by decompressing theextracted compressed data.
 4. A decryption method for decrypting theinput data secured with the encryption method of claim 2, wherein thedecryption method comprises the following steps: decryption of theencrypted code-words boundary information; decoding the non prefix freecoding of the code-words stream according to the decrypted code-wordboundary information; and generating the input data.